Sign up to receive free email alerts when patent applications with chosen keywords are publishedSIGN UP

Abstract:

Systems and methods are described herein for enabling users to select
from available secure service providers (each having a Trusted Service
Manager ("TSM")) for provisioning applications and services on a secure
element installed on a device of the user. The device includes a service
provider selector ("SPS") module that provides a user interface for
selecting the secure service provider. In one embodiment, the SPS
communicates with a key escrow service that maintains cryptographic keys
for the secure element and distributes the keys to the user selected
secure service provider. The key escrow service also revokes the keys
from deselected secure service providers. In another embodiment, the SPS
communicates with a central TSM that provisions applications and service
on behalf of the user selected secure service provider. The central TSM
serves as a proxy between the secure service providers and the secure
element.

Claims:

1. A computer-implemented method for providing a secure services to a
network device comprising a secure element, the method comprising:
maintaining, by a computer, at least one cryptographic key for the secure
element, the at least one cryptographic key operable to provide secure
access to the secure element via a secure communication channel;
receiving, by the computer, a request to change trusted service managers
("TSMs") from a first TSM to a second TSM; causing, by the computer, the
first TSM to lose access to the secure element by revoking the at least
one cryptographic key from the first TSM in response to receiving the
request to change TSMs; and transmitting, by the computer, the at least
one cryptographic key to the second TSM in response to receiving the
request to change TSMs.

2. (canceled)

3. The computer-implemented method of claim 1, wherein the revoking the
at least one cryptographic key comprises transmitting a message to the
first TSM requesting that the first TSM discard the at least one
cryptographic key.

4. The computer-implemented method of claim 1, wherein the revoking the
at least one cryptographic key comprises sending a message to the secure
element requesting the secure element to block the first TSM from
accessing the secure element, and wherein the secure element is operable
to block the first TSM from accessing the secure element in response to
receiving the message.

5. The computer-implemented method of claim 4, wherein the secure element
is further operable to identify TSMs attempting to access the secure
element and to prevent access to blocked TSMs.

6. The computer-implemented method of claim 1, wherein the secure element
comprises at least one cryptographic key for each of a plurality of TSMs,
and wherein the revoking the at least one cryptographic key comprises
transmitting a message to the secure element requesting the secure
element to deactivate the at least one cryptographic key for the first
TSM.

7. The computer-implemented method of claim 1, wherein the revoking the
at least one cryptographic key comprises removing information related to
the first TSM from the secure element in response to receiving the
request to change TSMs.

8. The computer-implemented method of claim 1, wherein the revoking the
at least one cryptographic key comprises sending a message to the secure
element requesting the secure element to remove information related to
the first TSM from the secure element in response to the request to
change TSMs.

9. The computer-implemented method of claim 1, wherein the request
comprises a selection of the second TSM, and wherein the method further
comprises performing an off-path confirmation of the selection of the
second TSM prior to transmitting the at least one cryptographic key to
the second TSM.

10. (canceled)

11. (canceled)

12. A computer program product, comprising: a non-transitory
computer-readable medium having computer-readable program code embodied
therein that when executed by a computer provide a secure service to a
communication device, the computer-readable medium comprising:
computer-readable program instructions for maintaining at least one
cryptographic key for a secure memory, the at least one cryptographic key
operable to provide secure access to the secure memory via a secure
communication channel; computer-readable program instructions for
receiving a request to change secure service providers from a first
secure service provider to a second secure service provider;
computer-readable program instructions for causing the first secure
service provider to lose access to the secure memory by revoking the al
least one cryptographic key from the first TSM in response to receiving
the request to change secure service providers; and computer-readable
program instructions for transmitting the at least one cryptographic key
to the second secure service provider in response to receiving the
request to change secure service providers.

13. (canceled)

14. The computer program product of claim 12, wherein the
computer-readable program instructions for revoking the at least one
cryptographic key comprises computer-readable program code for sending a
message to the secure memory requesting the secure memory to block the
first secure service provider from accessing the secure memory, and
wherein the secure memory is operable to block the first secure service
provider from accessing the secure memory in response to receiving the
message.

15. The computer program product of claim 12, wherein the secure memory
comprises at least one cryptographic key for each of a plurality of
secure service providers, and wherein the computer-readable program
instructions for revoking the at least one cryptographic key comprises
computer-readable program instructions for transmitting a message to the
secure memory requesting the secure memory to deactivate the at least one
cryptographic key for the first secure service provider.

16. A system for providing a secure service to a network device
comprising a secure memory, the system comprising: a first network
communication module that receives a request to change trusted service
managers ("TSMs") from a first TSM to a second TSM; a key escrow service
that: maintains at least one cryptographic key for a secure memory, the
at least one cryptographic key operable to provide secure access to the
secure memory via a secure communication channel; and causes the first
TSM to lose access to the secure memory in response to receiving the
request to change TSMs by revoking the at least one cryptographic key
from the first TSM in response to receiving the request to change TSMs;
and a second network communication module that transmits the at least one
cryptographic key to the second TSM in response to receiving the request
to change TSMs, wherein the key escrow service is communicably coupled to
the first network communication module and to the second network
communication module.

17. (canceled)

18. The system of claim 16, wherein the key escrow service revokes the at
least one cryptographic key by sending, via the second network
communication module, a message to the secure element requesting the
secure element to block the first TSM from accessing the secure memory,
and wherein the secure memory is operable to block the first TSM from
accessing the secure memory in response to receiving the message.

19. The system of claim 16, wherein the secure memory comprises at least
one cryptographic key for each of a plurality of TSMs, and wherein the
escrow service revokes the at least one cryptographic key by
transmitting, via the second network communication module, a message to
the secure memory requesting the secure element to deactivate the at
least one cryptographic key for the first TSM.

20. The system of claim 16, wherein the key escrow service sends, via the
second network communication module, a message to the secure memory
requesting the secure memory to remove information related to the first
TSM from the memory in response to the request to change TSMs.

21. The system of claim 16, wherein the secure memory is a secure
element.

22. The system of claim 16, wherein the request to change TSMs is
received from the network device.

23. The system of claim 16, wherein the key escrow service revokes the at
least one cryptographic key by transmitting a message to the first TSM
requesting that the first TSM discard the at least one cryptographic key.

24. The system of claim 18, wherein the secure memory is further operable
to identify TSMs attempting to access the secure element and to prevent
access to blocked TSMs.

25. The system of claim 16, wherein the key escrow service sends a
message to the secure memory requesting the secure memory to remove
information related to the first TSM from the secure memory in response
to the request to change TSMs.

26. The system of claim 16, wherein the request comprises a selection of
the second TSM, and wherein the key escrow service performs an off-path
confirmation of the selection of the second TSM prior to transmitting the
at least one cryptographic key to the second TSM.

27. The system of claim 16, wherein the at least one cryptographic key
enables the second TSM to install and provision at least one software
application onto the secure memory.

28. The computer-implemented method of claim 1, the request to change
TSMs is received from the network device.

29. The computer program product of claim 12, wherein the secure memory
is a secure element.

30. The computer program product of claim 12, wherein the revoking the at
least one cryptographic key comprises transmitting a message to the first
secure service provider requesting that the first secure service provider
discard the at least one cryptographic key.

31. The computer program product of claim 14, wherein the secure memory
is further operable to identify secure service providers attempting to
access the secure memory and to prevent access to blocked secure service
providers.

32. The computer program product of claim 12, further comprising
computer-readable program instructions for removing information related
to the first secure service provider from the secure memory in response
to receiving the request to change secure service provider.

33. The computer program product of claim 12, further comprising
computer-readable program instructions for sending a message to the
secure memory requesting the secure memory to remove information related
to the first secure service provider from the secure memory in response
to the request to change secure service providers.

34. The computer program product of claim 12, wherein the request
comprises a selection of the second secure service provider, and wherein
the computer program product further comprises computer-readable program
instructions for performing an off-path confirmation of the selection of
the second secure service provider prior to transmitting the at least one
cryptographic key to the second secure service provider

35. The computer program product of claim 12, wherein the at least one
cryptographic key enables the second secure service provider to install
and provision at least one software application onto the secure memory.

Description:

RELATED APPLICATION

[0001] This application is a continuation of and claims priority to U.S.
patent application Ser. No. 13/244,876, filed Sep. 26, 2011 and entitled
"Enabling Users to Select Between Secure Service Providers Using a Key
Escrow Service," which claims priority to U.S. Provisional Patent
Application No. 61/535,329, filed Sep. 15, 2011 and entitled "Enabling
Users To Select Between Secure Service Providers Using A Key Escrow
Service." The complete disclosure of each of the above-identified
priority applications is hereby fully incorporated herein by reference.

TECHNICAL FIELD

[0002] The present disclosure relates to systems and methods for enabling
mobile device users to select from available Trusted Service Managers
("TSMs") for completing secure transactions, communications, and other
tasks.

BACKGROUND

[0003] The current Near Field Communication ("NFC") eco-system relies on a
piece of hardware commonly referred to as a "secure element" installed on
communication devices to provide a secure operation environment for
financial transactions, transit ticketing, identification and
authentication, physical security access, and other functions. A secure
element generally includes its own operating environment with a
tamper-proof microprocessor, memory, and operating system. A Trusted
Service Manager (TSM), among other things, installs, provisions, and
personalizes the secure element. The secure element has one or more keys
that are typically installed at manufacture time. A corresponding key is
shared by the TSM so that the TSM can establish a cryptographically
secure channel to the secure element for installation, provisioning, and
personalization of the secure element while the device having the secure
element is in the possession of an end user. In this way, the secure
element can remain secure even if the host CPU in the device has been
compromised.

[0004] The problem with current NFC systems is that there is a tight
coupling between the secure element and the TSM. For current deployments,
only one TSM has access to the keys of a particular secure element.
Therefore, the end user can choose to provision secure element features
that are supplied by the one TSM only. This TSM is typically chosen by
the manufacturer of the device. For example, a smart phone manufacturer
may select the TSM for smart phones under guidance from a Mobile Network
Operator ("MNO"), such as SPRINT or VERIZON, that purchases the smart
phone rather than the end user. Thus, the TSM features available to the
end user may not be in the end user's interest. As an example, the MNO
may have a business relationship with one payment provider, such as
MASTERCARD or BANK of AMERICA, only. That TSM may allow the secure
element to be provisioned with payment instructions from the one payment
provider only. Thus, the end user would not be able to access services
from other payment providers, such as VISA.

SUMMARY

[0005] In certain exemplary embodiments, a method for providing secure
services to a network device having a secure element includes a computer
maintaining at least one cryptographic key for the secure element. The at
least one cryptographic key is operable to provide secure access to the
secure element via a secure communication channel. The computer receives
from the network device a selection of a secure service provider. The
computer transmits the at least one cryptographic key to the selected
secure service provider in response to receiving the selection.

[0006] These and other aspects, objects, features, and advantages of the
exemplary embodiments will become apparent to those having ordinary skill
in the art upon consideration of the following detailed description of
illustrated exemplary embodiments, which include the best mode of
carrying out the invention as presently perceived.

BRIEF DESCRIPTION OF THE DRAWINGS

[0007]FIG. 1 depicts a Near Field Communication ("NFC") system, in
accordance with certain exemplary embodiments.

[0008]FIG. 2 is a block flow diagram depicting a method for changing
secure service providers in the NFC system of FIG. 1, in accordance with
certain exemplary embodiments.

[0010]FIG. 4 is a block flow diagram depicting a method for changing
secure service providers in the NFC system of FIG. 3, in accordance with
certain exemplary embodiments.

DETAILED DESCRIPTION OF EXEMPLARY EMBODIMENTS

Overview

[0011] The methods and systems described herein enable an end user of a
communication device, such as a mobile phone, to select a secure service
provider to use with a secure element stored on the communication device.
In one embodiment, a system includes a key escrow service that manages
cryptographic keys for one or more users and one or more secure service
providers. Typically, the secure element and one or more cryptographic
keys for the secure element are installed on each user communication
device at the time that the communication devices are manufactured. These
keys or corresponding keys are provided to the key escrow service. Each
user device also includes a service provider selector ("SPS") module or
software application that enables the users to select from available
secure service providers. The SPS transmits, via a secure channel,
information identifying the selected service provider to the key escrow
service in response to a user selection. The key escrow service provides
the key for the user's secure element to a Trusted Service Manager
("TSM") of the selected secure service provider. The key escrow service
also revokes the key for the user's secure element from the TSM of the
user's previous secure service provider. In addition, the SPS can prevent
unauthorized secure service providers, such as the previous secure
service provider, from accessing the secure element.

[0012] In another embodiment, a central TSM performs business logic and
application provisioning on behalf of other secure service providers.
Rather than distributing the cryptographic keys to selected secure
service providers, the central TSM acts as a proxy between the selected
secure service provider and the secure element installed on the
communication device.

[0013] The exemplary systems and methods described herein overcome the
deficiencies of conventional NFC systems that allow users to access
services of one secure service provider only. Rather than being limited
to the functionality and services provided by the one secure service
provider, the user can select from multiple secure service providers. For
example, if a secure service provider does not provide services that the
user desires, such as making payments via a particular brand of credit
card, the user can select a secure service provider that does provide
these services.

[0014] One or more aspects of the exemplary embodiments may include a
computer program that embodies the functions described and illustrated
herein, wherein the computer program is implemented in a computer system
that comprises instructions stored in a machine-readable medium and a
processor that executes the instructions. However, it should be apparent
that there could be many different ways of implementing the exemplary
embodiments in computer programming, and the exemplary embodiments should
not be construed as limited to any one set of computer program
instructions. Further, a skilled programmer would be able to write such a
computer program to implement an embodiment based on the appended flow
charts and associated description in the application text. Therefore,
disclosure of a particular set of program code instructions is not
considered necessary for an adequate understanding of how to make and use
the exemplary embodiments. Moreover, any reference to an act being
performed by a computer should not be construed as being performed by a
single computer as the act may be performed by more than one computer.
The functionality of the exemplary embodiments will be explained in more
detail in the following description, read in conjunction with the figures
illustrating the program flow.

[0015] Turning now to the drawings, in which like numerals indicate like
(but not necessarily identical) elements throughout the figures,
exemplary embodiments are described in detail.

System Architecture

[0016]FIG. 1 depicts a Near Field Communication ("NFC") system 100, in
accordance with certain exemplary embodiments. As depicted in FIG. 1, the
system 100 includes one or more end user network devices 110, one or more
application providers 180, a key escrow service 150, a mobile network
operator ("MNO") 130, and multiple secure service providers 160. Each of
the application providers 180, key escrow service 150, and secure service
providers 160 include a network device configured to communicate via the
Internet 140. For example, each of the application providers 180, key
escrow service 150, and secure service providers 160 may include a
server, desktop computer, laptop computer, tablet computer, smartphone,
handheld computer, personal digital assistant ("PDA"), or any other wired
or wireless, processor-driven device. In one embodiment, the key escrow
service 150 includes (or is communicably coupled to) a first network
communication module for receiving requests to change (or select) from
available secure service providers 160 and a second network communication
module for transmitting cryptographic keys 120 to secure service
providers 160. The first and second network communication modules may be
the same or different network communication modules.

[0017] The end user network devices 110 may be mobile phones, smart
phones, PDAs netbook computers, laptop computers, tablet computers, or
any other wired or wireless, processor-driven device. As shown in FIG. 1,
the end user network devices 110 access the Internet 140 via the MNO 130.
Exemplary MNOs include VERIZON, SPRINT, and AT&T. The MNOs provide
Internet access to the end user network devices 110 via a mobile network
(not shown), such as a 3G or 4G mobile communication network. Of course,
the end user network devices 110 can access the Internet 140 via other
mechanisms, such as Wi-Fi in connection with an Internet provider.

[0018] The end user network devices 110 each include a secure element 111
having one or more cryptographic keys 120, an NFC controller 112, an NFC
antenna 113, an host CPU 114, and an SPS 115. The NFC controller 112 and
the NFC antenna 113 enable the end user network device 110 to communicate
with other NFC-enabled devices (not shown). For example, the end user
network devices 110 can communicate with NFC-enabled merchant point of
sale ("POS") devices, ticketing devices, security devices, and other end
user network devices 110.

[0019] The host CPU 114 executes applications stored on the end user
network device 110. For example, the host CPU 114 may execute
applications that interact with the NFC controller 112, such as NFC
payment applications that enable the user operating the end user network
device 110 to complete purchases via an NFC-enabled POS or a transit or
event ticketing application that enables the user to enter a transit
facility or event via an NFC-enabled ticketing POS. Other applications,
including identification, authentication, security, and coupon clipping
and redemption applications, also may be stored on the end user network
device 110 for execution by the host CPU 114 in connection with the NFC
controller 112 and the NFC antenna 113.

[0020] Each of the applications may be provided by a respective
application provider 180. For example, a credit card company may provide
a credit card payment application; a transit or other ticketing company
may provide a ticket purchasing and redemption application; a
manufacturer, retailer, or other entity that sells products or services
may provide a coupon application; and an authentication company may
provide a user authentication application.

[0021] NFC applications are typically stored in the secure element 111 of
the end user network device 110 for security purposes. The secure element
111 provides a secure operating environment for the NFC (or other)
applications. The secure element 111 typically includes its own operating
environment with tamper-proof microprocessor, operating system, and
memory for storing information, such as payment credentials. The secure
element 111 may exist within a fixed chip of the end user network device
110, a Subscriber Identification Module ("SIM") card, a Universal
Integrated Circuit Card ("UICC"), a removable smart chip, or in a memory
card, such as a microSD card. The secure element 111 also may include a
memory controller for managing Read Only Memory ("ROM"), Ready Access
Memory ("RAM"), and EEPROM flash memory of the card or chip in which the
secure element 111 is installed.

[0022] In general, the secure service providers 160 serve as
intermediaries that assist application providers 180 and other service
providers in securely distributing and managing applications and
services, such as NFC contactless applications services. A TSM 170 of the
secure service provider 160 typically hosts the applications and installs
and provisions the applications onto the secure element 111. As shown in
FIG. 1, each TSM 170 can receive, store, and utilize the keys 120 for
users' secure elements 111. By having the keys 120, the TSM 170 can
access the secure elements 111 via a secure encrypted communication
channel to install, provision, and customize applications within the
secure elements 111. Exemplary secure services providers 160 include
GEMALTO and FIRST DATA.

[0023] In certain exemplary embodiments, the secure service providers 160
bypass the host CPU 114 and the NFC controller 112 when communicating
with the secure element 111. For example, in certain UICC/SIM secure
elements, the secure service providers 160 communicate with the secure
element 111 via a radio CPU (not shown) installed on the end user network
device 110. Thus, the involvement of the NFC controller 112 and the host
CPU 114 may be optional during the provisioning of applications on the
secure element 111 in certain exemplary embodiments. In certain exemplary
embodiments, the host CPU 114 and the radio CPU interact with one another
to coordinate access controls to the secure element 111.

[0024] The key escrow service 150 maintains the keys 120 for the secure
elements 111. The key escrow service 150 also distributes the keys to the
TSMs 170, for example in response to a user selection. For instance, if a
user elects to switch from a first secure service provider 160A to a
second secure service provider 160B, the key escrow service 150 revokes
the keys 120 from the first TSM 170A and provides the keys 120 to the
second TSM 170B. The second TSM 170 can then access the secure element
111 of the user's network device 110.

[0025] The SPS 115 is implemented in software and/or hardware and enables
the user of the end user network device 110 to select or change secure
service providers 160 via the key escrow service 150. The SPS 115
provides a user interface that allows the user to make a selection of a
secure service provider 160. In response to a user selection, the SPS 115
transmits information regarding the selected secure service provider 160
to the key escrow service 150. The key escrow service 150 also can
confirm the selection via one or more off-path mechanisms. The SPS 115,
key escrow service 150, and other components of the exemplary system 100
are described in more detail hereinafter with reference to the method
depicted in FIG. 2.

[0026]FIG. 3 depicts another NFC system 300, in accordance with certain
alternative exemplary embodiments. The exemplary system 300 includes many
of the same components as the system 100, including one or more end user
network devices 110, one or more application providers 180, an MNO 130,
and multiple secure service providers 160. However, rather than a key
escrow service 150, the system 300 includes a central managed TSM 350.
The managed TSM 350 includes a network device configured to communicate
with the Internet 140, such as a server, desktop computer, laptop
computer, tablet computer, smartphone, handheld computer, PDA, or other
wired or wireless, processor-driven device. Similar to the key escrow
service 150, the managed TSM 350 maintains the keys 120 for the secure
elements 111 and enables the users operating the end user network devices
110 to select from multiple secure service providers 160. Rather than
distributing the keys 120 to the selected TSMs 170, the managed TSM 350
can interact with the secure elements 111 on behalf of the selected
secure service provider 160. That is, the managed TSM 350 can install,
provision, and interact with applications installed on the secure
elements 111. Or, the managed TSM 350 can establish (and terminate) a
secure communication channel between the selected TSM 170 and the secure
element 111 such that the selected TSM 170 can interact with the secure
element 111. This secure communication channel may be encrypted with a
different key that is not associated with the secure element 111, and may
be specific to each secure service provider 160. The managed TSM 350 also
can perform business logic on behalf of the secure service providers 160.
The managed TSM 350 and other components of FIG. 3 are described in more
detail hereinafter with reference to the method depicted in FIG. 4.

System Process

[0027]FIG. 2 is a block flow diagram depicting a method 200 for changing
secure service providers in the NFC system 100 of FIG. 1. The method 200
is described with reference to the components illustrated in FIG. 1.

[0028] In block 205, one or more secure cryptographic keys 120 are
provided for a secure element 111. In certain exemplary embodiments, the
secure element 111 and its keys 120 are installed on an end user network
device 110 at manufacture time. In certain exemplary embodiments, the
secure element 111 and its keys 120 are installed on a removable card or
chip, such as a SIM card or microSD card, that is later installed on the
end user network device 110.

[0029] In block 210, the keys 120 for the secure element 111 or
corresponding keys are provided to the key escrow service 150. These keys
120 enable the key escrow service 150 (or another entity that receives
the keys 120) to create a secure communication channel with, and gain
access to, the secure element 111. Optionally, the keys 120 also are
provided to a TSM 170 of a secure service provider 160. Conventionally,
the secure service provider 160 and the TSM 170 for the secure element
111 are selected by the manufacturer of the end user network device 110,
typically under guidance from the MNO 130 that purchases the end user
network device 110. In this case, the keys 120 may be provided to that
TSM 170. Alternatively, the keys 120 are provided to the key escrow
service 150 only. In this case, the user operating the end user network
device 110 (or another entity, such as the MNO 130) can make an initial
selection of secure service providers 160 using the SPS 115.

[0030] In block 215, the user selects a secure service provider 160 and
thus, a TSM 170, using the SPS 115. For example, the user may access the
SPS 115 using the end user network device 110. The SPS 115 may present a
user interface that lists available secure service providers 160 and
optionally the services supported by the secure service providers 160.
For example, the SPS 115 may display financial institutions for which
contactless transactions are supported by each secure service provider
160. In another example, the SPS 115 may display applications provisioned
and supported by each available secure service provider 160. In yet
another example, the SPS 115 may provide a search function that enables
users to search secure service providers 160 based on their features and
services. When the user finds an appropriate secure service provider 160,
the user can select that secure service provider 160 using the SPS 115.

[0031] In block 220, the SPS 115 transmits a request to use the selected
service provider 160 to the key escrow service 150 in response to the
user selection. The request typically includes information identifying
the selected secure service provider 160. In response to receiving the
request, the key escrow service 150 processes the request.

[0032] In block 225, the key escrow service 150 performs an off-path
confirmation procedure to confirm that the user initiated the request to
use the selected secure service provider 160. This block 225 is optional
and provides an additional level of security for the SPS 115/key escrow
service 150 system for example to prevent another person from accessing
this feature in the event that the end user network device 110 is lost or
stolen.

[0033] In one embodiment, the off-path confirmation procedure includes the
key escrow service 150 communicating to the user that the request was
made via a different communication channel than through the end user
network device 110. For example, the key escrow service 150 may transmit
an SMS text message to a mobile phone of the user that indicates that the
request was made. Or, key escrow service 150 may make a telephone call to
the user with a message that the request was made. The text message or
voice message may instruct the user to call a certain telephone number if
the user did not make the request. The key escrow service 150 also may
require that the user confirm the request. For example, the text message
may instruct the user to respond to the text message, access a web site
of the key escrow service 150, or call the key escrow service 150 to
confirm the request. Also, a code may be provided in the message to the
user and the user may be required to enter the code via phone or via the
web site to confirm the request.

[0034] In block 230, if another TSM 170 possessed the keys 120 for the
secure element 115, the key escrow service 150 revokes the keys 120 from
that previous TSM 170. In one embodiment, the key escrow service 150
sends a message, for example an SMS text message, to the previous TSM 170
requesting that the TSM discard the keys 120. The secure service
providers 160 may be obligated under contract to discard the keys 120 in
response to such a request.

[0035] In another embodiment, the key escrow service 150 revokes the keys
120 from the previous TSM 170 by instructing the secure element 111 to
block the previous TSM 170. The secure element 111 can include program
code that identifies TSMs 170 attempting to access the secure element 111
and a list of allowed and/or blocked TSMs 170. When a TSM 170 attempts to
access the secure element 111, the secure element 111 can compare
information identifying that TSM 170 to the list(s) to determine whether
to grant access. The key escrow service 150 also can send a request to
the previous TSM 170 requesting that the previous TSM discard the keys
120. Of course, the blocked TSM 170 can be unblocked in the event that
the user reselects the secure service provider 160 for that TSM 160. For
example, the key escrow service 150 may send a message to the secure
element 111 requesting that the secure element 110 unblock the TSM 170.

[0036] In yet another embodiment, the key escrow service 150 revokes the
keys 120 from the previous TSM 170 via the use of a master key and TSM
specific keys. A TSM specific key may be provided to the secure element
111 for each available TSM or for a selected TSM 170. The TSM specific
keys also are distributed to the respective TSMs 170. The TSM specific
keys may be preloaded onto the secure element 111 at manufacture time,
installed at a later date by the key escrow service 150, or installed by
the key escrow service 150 in response to the user selecting a TSM 170.
The secure element 111 can control which of the TSM specific keys are
active and which TSM specific keys are inactive. For example, if a user
requests to switch from secure service provider 160A to secure service
provider 160B, the SPS 115 communicates this request (and information
identifying the selected TSM 170B) to a key management applet or module
(not shown) of the secure element 111. The key management applet
activates the TSM specific key for the TSM 170B and deactivates the TSM
specific key for the TSM 170A in response to the request. At this point,
the secure element 111 allows access to the TSM 170B while blocking
access from the TSM 170A.

[0037] In block 235, information stored on the secure element 111 related
to the previous TSM 170 and/or previous secure service provider 160 is
removed from the secure element 111. For example, payment card
credentials associated with the previous TSM 170 may be stored on the
secure element 111 while that TSM 170 is being used in conjunction with
the secure element 111. These credentials are removed from the secure
element 111 prior to enabling another TSM 170 access to the secure
element 111. In addition, any applications installed on the secure
element 111 for the previous TSM 170 are uninstalled. In certain
exemplary embodiments, the key escrow service 150 sends a command to an
applet or module of the secure element 111, such as a card manager
applet, to remove the information related to the previous TSM 170.

[0038] In block 240, the key escrow service 150 transmits the keys 120 to
the TSM 170 of the selected secure service provider 160. This
transmission is typically made via a secure communication channel. For
example, the key escrow service 150 may send the keys 120 to the selected
TSM 170 via an encrypted communication channel. In block 245, the
selected TSM 170 receives the keys 120.

[0039] In certain exemplary embodiments, the key escrow service 150 delays
transmitting the keys 120 to the TSM 170 of the selected secure service
provider 160 until receiving confirmation that the information and
applications related to the previous TSM 170 are removed from the secure
element 111. In some embodiments, the key escrow service 150 may not
transmit the keys 120 to the TSM 170 of the selected secure service
provider 160 without receiving off-path confirmation from the user that
the user requested to use the selected secure service provider 160.

[0040] In block 250, the TSM 170 of the selected secure service provider
160 attempts to create a secure communication channel with the secure
element 111 using the received keys 120. In one embodiment, the TSM 170
sends an encrypted message to the secure element 111 requesting access to
the secure element 111. The TSM 170 encrypts the message by performing a
cryptographic algorithm on the message using the received keys 120.

[0041] In block 255, the secure element 111 determines whether to grant
access to the TSM 170. In one embodiment, the processor of the secure
element 111 performs a cryptographic algorithm on the received message
using the keys 120 stored on the secure element 111 to determine whether
to grant access to the TSM 170.

[0042] In certain exemplary embodiments, the SPS 115 makes an initial
determination as to whether to grant access to a TSM 170 prior to the
secure element 111 validating the TSM 170. For example, when the end user
network device 110 receives a request for access to the secure element
111, the SPS 115 may evaluate the request to determine whether the TSM
170 that issued the request is the TSM 170 that the user selected prior
to the request being passed to the secure element 111. If the SPS 115
determines that the TSM 170 that issued the request is the selected TSM
170, then the secure element 111 may validate the request in accordance
with the acts of block 255.

[0043] If the secure element 111 grants access to the TSM 170, the method
200 follows the "Yes" branch to block 265. Otherwise, if the secure
element 111 determines that the TSM 170 should be blocked, the method 200
follows the "No" branch to block 260.

[0044] In block 260, the secure elements 111 blocks the TSM 170 from
accessing the secure element 111. The secure element 111 also may send a
message to the TSM 170 to notify the TSM 170 that the TSM 170 was not
granted access.

[0045] In block 265 the TSM 170 provisions services at the secure element
111. The TSM 170 may transmit to the secure element 111 one or more
applications and credentials for use with those applications. The
applications may be selected by the user. For example, the user may
request an application from an application provider 180. In response, the
application provider 180 requests the TSM 170 to install the application
onto the secure element 111 of the user. The application provider 180
also may provide information regarding the user or account information of
the user to the TSM 170 for storing at the secure element 111. For
example, a credit card company may provide a payment application and
information regarding a payment account of the user to the TSM 170 for
installing/storing on the secure element 111. In certain exemplary
embodiments, the user may request the application from the key escrow
service 150 or the secure service provider 160.

[0046] In block 270, the user accesses services provided by the selected
secure service provider 160 in connection with one or more application
providers 180. For example, if the application provider 180 is a credit
card company, the user may complete purchases using the end user network
device 110 at an NFC-enabled POS. The NFC controller 112 may interact
securely with the secure element 111 to obtain payment credentials from
the secure element 111 and provide those credentials to the NFC-enabled
POS via the NFC antenna 113.

[0047] After block 270, the method 200 ends. Of course, the user can
continue to access services provided by the selected secure service
provider 160 or switch to another secure service provider 160.

[0048]FIG. 4 is a block flow diagram depicting a method 400 for changing
secure service providers in the NFC system 300 of FIG. 3, in accordance
with certain exemplary embodiments. The method 400 is described with
reference to the components illustrated in FIG. 3.

[0049] In block 405, one or more secure cryptographic keys 120 are
provided for a secure element 111. In certain exemplary embodiments, the
secure element 111 and its keys 120 are installed on an end user network
device 110 at manufacture time. In certain exemplary embodiments, the
secure element 111 and its keys 120 are installed on a removable card or
chip, such as a SIM card or microSD card, that is later installed on the
end user network device 110.

[0050] In block 410, the keys 120 for the secure element 111 or
corresponding keys are provided to the managed TSM 350. These keys 120
enable the managed TSM 350 (or another entity that receives the keys 120)
to create a secure communication channel with and gain access to the
secure element 111.

[0051] In block 415, the user selects a secure service provider 160 using
the SPS 115. This block 415 can be the same as or similar to block 215
illustrated in FIG. 2 and described above. In block 420, the SPS 115
transmits a request to use the selected service provider 160 to the
managed TSM 350 in response to the user selection. The request typically
includes information identifying the selected secure service provider
160. In response to receiving the request, the managed TSM 350 processes
the request.

[0052] In block 425, the managed TSM 350 performs an off-path confirmation
procedure to confirm that the user initiated the request to use the
selected secure service provider 160. This block is optional and is
substantially similar to block 225 of FIG. 2 described above. However,
the managed TSM 350 performs the off-path confirmation in block 425
rather than the key escrow service 150.

[0053] In block 430, information stored on the secure element 111 related
to the previous TSM 170 and/or previous secure service provider 160 is
removed from the secure element 111. For example, payment card
credentials associated with the previous TSM 170 may be stored on the
secure element 111 while that TSM 170 is being used in conjunction with
the secure element 111. These credentials are removed from the secure
element 111 prior to enabling another TSM 170 access to the secure
element 111. In addition, any applications installed on the secure
element 111 for the previous TSM 170 are uninstalled. In certain
exemplary embodiments, the managed TSM 350 sends a command to an applet
or module of the secure element 111, such as a card manager applet, to
remove the information related to the previous TSM 170.

[0054] In block 435, the managed TSM 350 creates a secure communication
channel with the secure service provider 160 that the user selected. This
secure communication channel may be encrypted, for example using one or
more cryptographic keys different than the keys 120. Other encryption
techniques may be used as would be appreciated by one of ordinary skill
in the art having the benefit of the present disclosure.

[0055] In block 440, the managed TSM 350 notifies the selected secure
service provider 160 that the user has requested to access the services
of that secure service provider 160. The managed TSM 350 also may request
one or more applications from the secure service provider 160 on behalf
of the user. Or, the user may request the one or more applications from
the application provider 180 and the application provider 180, in turn,
transmits a request to the secure service provider 160 to provide the one
or more applications to the user's secure element 111. In block 445, the
selected secure service provider 160 transmits the requested
application(s) and any other appropriate information to the managed TSM
350. For example, this other appropriate information may include a
credential for accessing the secure service, such as payment card
credentials.

[0056] In block 450, the managed TSM 350 creates a secure communication
channel with the secure element 111 using the one or more keys 120. In
block 455, the managed TSM 350 provisions services at the secure element
111. The managed TSM 350 may transmit to the secure element 111 one or
more applications and credentials for use with those applications. The
managed TSM 350 also may provide information regarding the user or an
account of the user to the secure element 111. For example, a credit card
company may provide a payment application and information regarding a
payment account of the user to the managed TSM 350 for installing/storing
on the secure element 111.

[0057] In block 460, which is optional, the managed TSM 350 executes
business logic for the selected secure service provider 160 and serves as
a proxy or intermediary between the selected secure service provider 160.
Examples of business logic performed by the managed TSM 350 includes
validating whether a user has a payment card with a partnered financial
institution, validating credit card credentials provided by a user so
that the credit card can be provisioned to the secure element 111,
validating whether the selected secure service provider 160 provides a
requested service for the given end user network device 150 on the MNO
130 that the end user network device 150 communicates with, and receiving
a provisioning request from the user and translating the provisioning
instructions for the secure element 111.

[0058] In block 465, the user accesses services provided by the selected
secure service provider 160 in connection with one or more application
providers 180. For example, if the application provider 180 is a credit
card company, the user may redeem transit tickets using the end user
network device 110 at an NFC-enabled POS. The NFC controller 112 may
interact securely with the secure element 111 to obtain transit ticket
credentials from the secure element 111 and provide those credentials to
the NFC-enabled POS via the NFC antenna 113.

[0059] After block 465, the method 400 ends. Of course, the user can
continue to access services provided by the selected secure service
provider 160 or switch to another secure service provider 160.

General

[0060] The exemplary methods and blocks described in the embodiments
presented previously are illustrative, and, in alternative embodiments,
certain blocks can be performed in a different order, in parallel with
one another, omitted entirely, and/or combined between different
exemplary methods, and/or certain additional blocks can be performed,
without departing from the scope and spirit of the invention.
Accordingly, such alternative embodiments are included in the invention
described herein.

[0061] The invention can be used with computer hardware and software that
performs the methods and processing functions described above. As will be
appreciated by those having ordinary skill in the art, the systems,
methods, and procedures described herein can be embodied in a
programmable computer, computer executable software, or digital
circuitry. The software can be stored on computer readable media. For
example, computer readable media can include a floppy disk, RAM, ROM,
hard disk, removable media, flash memory, memory stick, optical media,
magneto-optical media, CD-ROM, etc. Digital circuitry can include
integrated circuits, gate arrays, building block logic, field
programmable gate arrays ("FPGA"), etc.

[0062] Although specific embodiments of the invention have been described
above in detail, the description is merely for purposes of illustration.
Various modifications of, and equivalent blocks corresponding to, the
disclosed aspects of the exemplary embodiments, in addition to those
described above, can be made by those having ordinary skill in the art
without departing from the spirit and scope of the invention defined in
the following claims, the scope of which is to be accorded the broadest
interpretation so as to encompass such modifications and equivalent
structures.